PT-2024-31978 · Unknown · Best House Rental Management System

Gaorenyusi

Published

2024-09-18

Updated

2024-09-20

CVE-2024-46377

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Best House Rental Management System version 1.0

Description The issue concerns an arbitrary file upload vulnerability. This vulnerability is located in the save settings() function of the file rental/admin class.php.

Recommendations For Best House Rental Management System version 1.0, consider disabling the save settings() function until a patch is available to prevent exploitation of the arbitrary file upload vulnerability. Restrict access to the rental/admin class.php file to minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2024-46377

Affected Products

Best House Rental Management System

PT-2024-31978 · Unknown · Best House Rental Management System

CVE-2024-46377

Weakness Enumeration

Related Identifiers

Affected Products

References · 6